- Timestamp:
- 05/18/2005 04:31:24 PM (19 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 6.1, 6.2, 6.2.0, 6.2.0-rc1, 6.2.0-rc2, 6.3, 6.3-rc1, 6.3-rc2, 6.3-rc3, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- 84f1407
- Parents:
- b86cfc2
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
server/major/openssh.xml
rb86cfc2 re4e0d060 5 5 %general-entities; 6 6 7 <!ENTITY openssh-download-http "http://sunsite.ualberta.ca/pub/OpenBSD/OpenSSH/portable/openssh-&openssh-version;.tar.gz">8 <!ENTITY openssh-download-ftp "ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-&openssh-version;.tar.gz">9 <!ENTITY openssh-md5sum "7b36f28fc16e1b7f4ba3c1dca191ac92">10 <!ENTITY openssh-size "889 KB">11 <!ENTITY openssh-buildsize "14.5 MB">12 <!ENTITY openssh-time "0.42 SBU">7 <!ENTITY openssh-download-http "http://sunsite.ualberta.ca/pub/OpenBSD/OpenSSH/portable/openssh-&openssh-version;.tar.gz"> 8 <!ENTITY openssh-download-ftp "ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-&openssh-version;.tar.gz"> 9 <!ENTITY openssh-md5sum "7b36f28fc16e1b7f4ba3c1dca191ac92"> 10 <!ENTITY openssh-size "889 KB"> 11 <!ENTITY openssh-buildsize "14.5 MB"> 12 <!ENTITY openssh-time "0.42 SBU"> 13 13 ]> 14 14 15 15 <sect1 id="openssh" xreflabel="OpenSSH-&openssh-version;"> 16 <sect1info> 17 <othername>$LastChangedBy$</othername> 18 <date>$Date$</date> 19 </sect1info> 20 <?dbhtml filename="openssh.html"?> 21 <title>Open<acronym>SSH</acronym>-&openssh-version;</title> 22 <indexterm zone="openssh"> 23 <primary sortas="a-OpenSSH">OpenSSH</primary></indexterm> 24 25 <sect2> 26 <title>Introduction to 27 <application>Open<acronym>SSH</acronym></application></title> 28 29 <para>The <application>Open<acronym>SSH</acronym></application> package 30 contains <command>ssh</command> clients and the <command>sshd</command> daemon. 31 This is useful for encrypting authentication and subsequent traffic over a 32 network.</para> 33 34 <sect3><title>Package information</title> 35 <itemizedlist spacing='compact'> 36 <listitem><para>Download (HTTP): 37 <ulink url="&openssh-download-http;"/></para></listitem> 38 <listitem><para>Download (FTP): 39 <ulink url="&openssh-download-ftp;"/></para></listitem> 40 <listitem><para>Download MD5 sum: &openssh-md5sum;</para></listitem> 41 <listitem><para>Download size: &openssh-size;</para></listitem> 42 <listitem><para>Estimated disk space required: 43 &openssh-buildsize;</para></listitem> 44 <listitem><para>Estimated build time: 45 &openssh-time;</para></listitem></itemizedlist> 46 </sect3> 47 48 <sect3><title><application>Open<acronym>SSH</acronym></application> 49 dependencies</title> 50 <sect4><title>Required</title> 51 <para><xref linkend="openssl"/></para> 52 </sect4> 53 54 <sect4><title>Optional</title> 55 <para><xref linkend="Linux_PAM"/>, 56 <xref linkend="tcpwrappers"/>, 57 X (<xref linkend="xfree86"/> or <xref linkend="xorg"/>), 58 <xref linkend="mitkrb"/> or <xref linkend="heimdal"/>, 59 <xref linkend="jdk"/>, 60 <xref linkend="net-tools"/>, 61 <ulink url="http://www.opensc.org/">OpenSC</ulink> and 62 <ulink url="http://sourceforge.net/projects/libedit/">libedit</ulink></para> 63 </sect4> 64 </sect3> 65 66 </sect2> 67 68 <sect2> 69 <title>Installation of 70 <application>Open<acronym>SSH</acronym></application></title> 71 72 <para><application>Open<acronym>SSH</acronym></application> runs as two 73 processes when connecting to other computers. The first process is a 74 privileged process and controls the issuance of privileges as necessary. 75 The second process communicates with the network. Additional installation 76 steps are necessary to set up the proper environment, which are performed 77 by the following commands:</para> 78 79 <screen><userinput><command>install -v -d -m700 /var/lib/sshd && 16 <?dbhtml filename="openssh.html"?> 17 18 <sect1info> 19 <othername>$LastChangedBy$</othername> 20 <date>$Date$</date> 21 </sect1info> 22 23 <title>OpenSSH-&openssh-version;</title> 24 25 <indexterm zone="openssh"> 26 <primary sortas="a-OpenSSH">OpenSSH</primary> 27 </indexterm> 28 29 <sect2 role="package"> 30 <title>Introduction to OpenSSH</title> 31 32 <para>The <application>OpenSSH</application> package contains 33 <command>ssh</command> clients and the <command>sshd</command> daemon. 34 This is useful for encrypting authentication and subsequent traffic 35 over a network.</para> 36 37 <bridgehead renderas="sect3">Package Information</bridgehead> 38 <itemizedlist spacing="compact"> 39 <listitem> 40 <para>Download (HTTP): <ulink url="&openssh-download-http;"/></para> 41 </listitem> 42 <listitem> 43 <para>Download (FTP): <ulink url="&openssh-download-ftp;"/></para> 44 </listitem> 45 <listitem> 46 <para>Download MD5 sum: &openssh-md5sum;</para> 47 </listitem> 48 <listitem> 49 <para>Download size: &openssh-size;</para> 50 </listitem> 51 <listitem> 52 <para>Estimated disk space required: &openssh-buildsize;</para> 53 </listitem> 54 <listitem> 55 <para>Estimated build time: &openssh-time;</para> 56 </listitem> 57 </itemizedlist> 58 59 <bridgehead renderas="sect3">OpenSSH Dependencies</bridgehead> 60 61 <bridgehead renderas="sect4">Required</bridgehead> 62 <para><xref linkend="openssl"/></para> 63 64 <bridgehead renderas="sect4">Optional</bridgehead> 65 <para><xref linkend="Linux_PAM"/>, 66 <xref linkend="tcpwrappers"/>, 67 X (<xref linkend="xfree86"/> or <xref linkend="xorg"/>), 68 <xref linkend="mitkrb"/> or <xref linkend="heimdal"/>, 69 <xref linkend="jdk"/>, 70 <xref linkend="net-tools"/>, 71 <ulink url="http://www.opensc.org/">OpenSC</ulink> and 72 <ulink url="http://sourceforge.net/projects/libedit/">libedit</ulink></para> 73 74 </sect2> 75 76 <sect2 role="installation"> 77 <title>Installation of OpenSSH</title> 78 79 <para><application>OpenSSH</application> runs as two processes when 80 connecting to other computers. The first process is a privileged process 81 and controls the issuance of privileges as necessary. The second process 82 communicates with the network. Additional installation steps are necessary 83 to set up the proper environment, which are performed by the following 84 commands:</para> 85 86 <screen role="root"><userinput>install -v -d -m700 /var/lib/sshd && 80 87 chown root:sys /var/lib/sshd && 81 88 groupadd sshd && 82 useradd -c 'sshd PrivSep' -d /var/lib/sshd -g sshd -s /bin/false sshd</ command></userinput></screen>83 84 <para><application>OpenSSH</application> is very sensitive to changes in the 85 linked <application>OpenSSL</application> libraries. If you recompile86 <application>OpenSSL</application>, <application>OpenSSH</application> may87 fail to startup. An alternative is to link against the static 88 <application>OpenSSL</application> library. To link against the static 89 library, execute the following command:</para>90 91 <screen><userinput> <command>sed -i "s:-lcrypto:/usr/lib/libcrypto.a:g" configure</command></userinput></screen>92 93 <para>Install <application>Open<acronym>SSH</acronym></application> by running 94 the following commands:</para>95 96 <screen><userinput> <command>./configure --prefix=/usr --sysconfdir=/etc/ssh \89 useradd -c 'sshd PrivSep' -d /var/lib/sshd -g sshd -s /bin/false sshd</userinput></screen> 90 91 <para><application>OpenSSH</application> is very sensitive to changes in 92 the linked <application>OpenSSL</application> libraries. If you recompile 93 <application>OpenSSL</application>, <application>OpenSSH</application> may 94 fail to startup. An alternative is to link against the static 95 <application>OpenSSL</application> library. To link against the static 96 library, execute the following command:</para> 97 98 <screen><userinput>sed -i "s:-lcrypto:/usr/lib/libcrypto.a:g" configure</userinput></screen> 99 100 <para>Install <application>OpenSSH</application> by running 101 the following commands:</para> 102 103 <screen><userinput>./configure --prefix=/usr --sysconfdir=/etc/ssh \ 97 104 --libexecdir=/usr/sbin --with-md5-passwords \ 98 --with-privsep-path=/var/lib/sshd</command></userinput></screen> 99 100 <para>If you use <application>Heimdal</application> as your Kerberos5 101 implementation and you linked the <application>Heimdal</application> libraries 102 into the build using the <option>--with-kerberos5</option> parameter, you'll 103 need to modify the <filename>Makefile</filename> or the build will fail. Use 104 the following command:</para> 105 106 <screen><userinput><command>sed -i -e "s/lkrb5 -ldes/lkrb5/" Makefile</command></userinput></screen> 107 108 <para>Continue the build:</para> 109 110 <screen><userinput><command>make</command></userinput></screen> 111 112 <para>If you linked <application>tcp_wrappers</application> into the build 113 using the <option>--with-tcp-wrappers</option> parameter, ensure you add 114 127.0.0.1 to the sshd line in <filename>/etc/hosts.allow</filename> if you 115 have a restrictive <filename>/etc/hosts.deny</filename> file, or the testsuite 116 will fail. To run the testsuite, issue: <command>make -k 117 tests</command>.</para> 118 119 <para>Now, as the root user:</para> 120 121 <screen><userinput role='root'><command>make install</command></userinput></screen> 122 123 </sect2> 124 125 <sect2> 126 <title>Command explanations</title> 127 128 <para><parameter>--sysconfdir=/etc/ssh</parameter>: This prevents the 129 configuration files from being installed in 130 <filename class="directory">/usr/etc</filename>.</para> 131 132 <para><parameter>--with-md5-passwords</parameter>: This is required 133 if you made the changes recommended by the shadowpasswd_plus 134 <acronym>LFS</acronym> hint on 135 your <acronym>SSH</acronym> server when you installed the Shadow Password 136 Suite or if you access a <acronym>SSH</acronym> server that authenticates by 137 user passwords encrypted with md5. </para> 138 139 <para><parameter>--libexecdir=/usr/sbin</parameter>: This parameter 140 changes the installation path of some programs to 141 <filename class="directory">/usr/sbin</filename> instead of 142 <filename class="directory">/usr/libexec</filename>.</para> 143 144 </sect2> 145 146 <sect2> 147 <title>Configuring <application>Open<acronym>SSH</acronym></application></title> 148 149 <sect3 id="openssh-config"><title>Config files</title> 150 151 <para><filename>~/.ssh/*, /etc/ssh/ssh_config</filename> and 152 <filename>/etc/ssh/sshd_config</filename></para> 153 <indexterm zone="openssh openssh-config"> 154 <primary sortas="e-AA.ssh">~/.ssh/*</primary></indexterm> 155 <indexterm zone="openssh openssh-config"> 156 <primary sortas="e-etc-ssh-ssh_config">/etc/ssh/ssh_config</primary> 157 </indexterm> 158 <indexterm zone="openssh openssh-config"> 159 <primary sortas="e-etc-ssh-sshd_config">/etc/ssh/sshd_config</primary> 160 </indexterm> 161 162 <para>There are no required changes to any of these files. However, 163 you may wish to view the <filename class='directory'>/etc/ssh/</filename> 164 files and make any changes appropriate for the security of your system. One 165 recomended change is that you disable root login via <command>ssh</command>. 166 Execute the following command to disable root login via 167 <command>ssh</command>:</para> 168 169 <screen><userinput><command>echo "PermitRootLogin no" >> /etc/ssh/sshd_config</command></userinput></screen> 170 171 <para>Additional configuration information can be found in the man pages for 172 <command>sshd</command>, <command>ssh</command> and 173 <command>ssh-agent</command>.</para> 174 </sect3> 175 176 <sect3 id="openssh-init"><title>sshd init.d script</title> 177 178 <para>To start the <acronym>SSH</acronym> server at system boot, install the 179 <filename>/etc/rc.d/init.d/sshd</filename> init script included in the 180 <xref linkend="intro-important-bootscripts"/> package.</para> 181 <indexterm zone="openssh openssh-init"> 182 <primary sortas="f-sshd">sshd</primary></indexterm> 183 184 <screen><userinput><command>make install-sshd</command></userinput></screen> 185 </sect3> 186 187 </sect2> 188 189 <sect2> 190 <title>Contents</title> 191 192 <segmentedlist> 193 <segtitle>Installed Programs</segtitle> 194 <segtitle>Installed Libraries</segtitle> 195 <segtitle>Installed Directories</segtitle> 196 197 <seglistitem> 198 <seg>scp, sftp, sftp-server, slogin, ssh, sshd, ssh-add, ssh-agent, 199 ssh-keygen, ssh-keyscan and ssh-keysign</seg> 200 <seg>None</seg> 201 <seg>/etc/ssh and /var/lib/sshd</seg> 202 </seglistitem> 203 </segmentedlist> 204 205 <variablelist> 206 <bridgehead renderas="sect3">Short Descriptions</bridgehead> 207 <?dbfo list-presentation="list"?> 208 209 <varlistentry id="scp"> 210 <term><command>scp</command></term> 211 <listitem><para>is a file copy program that acts like <command>rcp</command> 212 except it uses an encrypted protocol.</para> 213 <indexterm zone="openssh scp"> 214 <primary sortas="b-scp">scp</primary> 215 </indexterm></listitem> 216 </varlistentry> 217 218 <varlistentry id="sftp"> 219 <term><command>sftp</command></term> 220 <listitem><para>is an <acronym>FTP</acronym>-like program that works over 221 <acronym>SSH</acronym>1 and <acronym>SSH</acronym>2 protocols.</para> 222 <indexterm zone="openssh sftp"> 223 <primary sortas="b-sftp">sftp</primary> 224 </indexterm></listitem> 225 </varlistentry> 226 227 <varlistentry id="sftp-server"> 228 <term><command>sftp-server</command></term> 229 <listitem><para>is an <acronym>SFTP</acronym> server subsystem.</para> 230 <indexterm zone="openssh sftp-server"> 231 <primary sortas="b-sftp-server">sftp-server</primary> 232 </indexterm></listitem> 233 </varlistentry> 234 235 <varlistentry id="slogin"> 236 <term><command>slogin</command></term> 237 <listitem><para>is a symlink to <command>ssh</command>.</para> 238 <indexterm zone="openssh slogin"> 239 <primary sortas="g-slogin">slogin</primary> 240 </indexterm></listitem> 241 </varlistentry> 242 243 <varlistentry id="ssh"> 244 <term><command>ssh</command></term> 245 <listitem><para>is an <command>rlogin</command>/<command>rsh</command>-like 246 client program except it uses an encrypted protocol.</para> 247 <indexterm zone="openssh ssh"> 248 <primary sortas="b-ssh">ssh</primary> 249 </indexterm></listitem> 250 </varlistentry> 251 252 <varlistentry id="sshd"> 253 <term><command>sshd</command></term> 254 <listitem><para>is a daemon that listens for <command>ssh</command> login 255 requests.</para> 256 <indexterm zone="openssh sshd"> 257 <primary sortas="b-sshd">sshd</primary> 258 </indexterm></listitem> 259 </varlistentry> 260 261 <varlistentry id="ssh-add"> 262 <term><command>ssh-add</command></term> 263 <listitem><para>is a tool which adds keys to the 264 <command>ssh-agent</command>.</para> 265 <indexterm zone="openssh ssh-add"> 266 <primary sortas="b-ssh-add">ssh-add</primary> 267 </indexterm></listitem> 268 </varlistentry> 269 270 <varlistentry id="ssh-agent"> 271 <term><command>ssh-agent</command></term> 272 <listitem><para>is an authentication agent that can store private keys.</para> 273 <indexterm zone="openssh ssh-agent"> 274 <primary sortas="b-ssh-agent">ssh-agent</primary> 275 </indexterm></listitem> 276 </varlistentry> 277 278 <varlistentry id="ssh-keygen"> 279 <term><command>ssh-keygen</command></term> 280 <listitem><para>is a key generation tool.</para> 281 <indexterm zone="openssh ssh-keygen"> 282 <primary sortas="b-ssh-keygen">ssh-keygen</primary> 283 </indexterm></listitem> 284 </varlistentry> 285 286 <varlistentry id="ssh-keyscan"> 287 <term><command>ssh-keyscan</command></term> 288 <listitem><para>is a utility for gathering public host keys from a number of 289 hosts.</para> 290 <indexterm zone="openssh ssh-keyscan"> 291 <primary sortas="b-ssh-keyscan">ssh-keyscan</primary> 292 </indexterm></listitem> 293 </varlistentry> 294 295 <varlistentry id="ssh-keysign"> 296 <term><command>ssh-keysign</command></term> 297 <listitem><para>is used by <command>ssh</command> to access the local host 298 keys and generate the digital signature required during hostbased 299 authentication with <acronym>SSH</acronym> protocol version 2.</para> 300 <indexterm zone="openssh ssh-keysign"> 301 <primary sortas="b-ssh-keysign">ssh-keysign</primary> 302 </indexterm></listitem> 303 </varlistentry> 304 </variablelist> 305 306 </sect2> 105 --with-privsep-path=/var/lib/sshd</userinput></screen> 106 107 <para>If you use <application>Heimdal</application> as your Kerberos5 108 implementation and you linked the <application>Heimdal</application> 109 libraries into the build using the <option>--with-kerberos5</option> 110 parameter, you'll need to modify the <filename>Makefile</filename> or 111 the build will fail. Use the following command:</para> 112 113 <screen><userinput>sed -i -e "s/lkrb5 -ldes/lkrb5/" Makefile</userinput></screen> 114 115 <para>Continue the build:</para> 116 117 <screen><userinput>make</userinput></screen> 118 119 <para>If you linked <application>tcp_wrappers</application> into the 120 build using the <option>--with-tcp-wrappers</option> parameter, ensure 121 you add 127.0.0.1 to the sshd line in <filename>/etc/hosts.allow</filename> 122 if you have a restrictive <filename>/etc/hosts.deny</filename> file, or the 123 testsuite will fail. To run the testsuite, issue: <command>make -k 124 tests</command>.</para> 125 126 <para>Now, as the <systemitem class="username">root</systemitem> user:</para> 127 128 <screen role="root"><userinput>make install</userinput></screen> 129 130 </sect2> 131 132 <sect2 role="commands"> 133 <title>Command Explanations</title> 134 135 <para><parameter>--sysconfdir=/etc/ssh</parameter>: This prevents 136 the configuration files from being installed in 137 <filename class="directory">/usr/etc</filename>.</para> 138 139 <para><parameter>--with-md5-passwords</parameter>: This is required 140 if you made the changes recommended by the shadowpasswd_plus 141 LFS hint on your SSH server when you installed the Shadow Password 142 Suite or if you access a SSH server that authenticates by 143 user passwords encrypted with md5.</para> 144 145 <para><parameter>--libexecdir=/usr/sbin</parameter>: This parameter 146 changes the installation path of some programs to 147 <filename class="directory">/usr/sbin</filename> instead of 148 <filename class="directory">/usr/libexec</filename>.</para> 149 150 </sect2> 151 152 <sect2 role="configuration"> 153 <title>Configuring OpenSSH</title> 154 155 <sect3 id="openssh-config"> 156 <title>Config Files</title> 157 158 <para><filename>~/.ssh/*</filename>, 159 <filename>/etc/ssh/ssh_config</filename>, and 160 <filename>/etc/ssh/sshd_config</filename></para> 161 162 <indexterm zone="openssh openssh-config"> 163 <primary sortas="e-AA.ssh">~/.ssh/*</primary> 164 </indexterm> 165 166 <indexterm zone="openssh openssh-config"> 167 <primary sortas="e-etc-ssh-ssh_config">/etc/ssh/ssh_config</primary> 168 </indexterm> 169 170 <indexterm zone="openssh openssh-config"> 171 <primary sortas="e-etc-ssh-sshd_config">/etc/ssh/sshd_config</primary> 172 </indexterm> 173 174 <para>There are no required changes to any of these files. However, 175 you may wish to view the <filename class='directory'>/etc/ssh/</filename> 176 files and make any changes appropriate for the security of your system. One 177 recomended change is that you disable root login via <command>ssh</command>. 178 Execute the following command to disable root login via 179 <command>ssh</command>:</para> 180 181 <screen role="root"><userinput>echo "PermitRootLogin no" >> /etc/ssh/sshd_config</userinput></screen> 182 183 <para>Additional configuration information can be found in the man 184 pages for <command>sshd</command>, <command>ssh</command> and 185 <command>ssh-agent</command>.</para> 186 187 </sect3> 188 189 <sect3 id="openssh-init"> 190 <title>Boot Script</title> 191 192 <para>To start the SSH server at system boot, install the 193 <filename>/etc/rc.d/init.d/sshd</filename> init script included 194 in the <xref linkend="intro-important-bootscripts"/> package.</para> 195 196 <indexterm zone="openssh openssh-init"> 197 <primary sortas="f-sshd">sshd</primary> 198 </indexterm> 199 200 <screen role="root"><userinput>make install-sshd</userinput></screen> 201 202 </sect3> 203 204 </sect2> 205 206 <sect2 role="content"> 207 <title>Contents</title> 208 209 <segmentedlist> 210 <segtitle>Installed Programs</segtitle> 211 <segtitle>Installed Libraries</segtitle> 212 <segtitle>Installed Directories</segtitle> 213 214 <seglistitem> 215 <seg>scp, sftp, sftp-server, slogin, ssh, sshd, ssh-add, ssh-agent, 216 ssh-keygen, ssh-keyscan, and ssh-keysign</seg> 217 <seg>None</seg> 218 <seg>/etc/ssh and /var/lib/sshd</seg> 219 </seglistitem> 220 </segmentedlist> 221 222 <variablelist> 223 <bridgehead renderas="sect3">Short Descriptions</bridgehead> 224 <?dbfo list-presentation="list"?> 225 <?dbhtml list-presentation="table"?> 226 227 <varlistentry id="scp"> 228 <term><command>scp</command></term> 229 <listitem> 230 <para>is a file copy program that acts like <command>rcp</command> 231 except it uses an encrypted protocol.</para> 232 <indexterm zone="openssh scp"> 233 <primary sortas="b-scp">scp</primary> 234 </indexterm> 235 </listitem> 236 </varlistentry> 237 238 <varlistentry id="sftp"> 239 <term><command>sftp</command></term> 240 <listitem> 241 <para>is an FTP-like program that works over 242 SSH1 and SSH2 protocols.</para> 243 <indexterm zone="openssh sftp"> 244 <primary sortas="b-sftp">sftp</primary> 245 </indexterm> 246 </listitem> 247 </varlistentry> 248 249 <varlistentry id="sftp-server"> 250 <term><command>sftp-server</command></term> 251 <listitem> 252 <para>is an SFTP server subsystem.</para> 253 <indexterm zone="openssh sftp-server"> 254 <primary sortas="b-sftp-server">sftp-server</primary> 255 </indexterm> 256 </listitem> 257 </varlistentry> 258 259 <varlistentry id="slogin"> 260 <term><command>slogin</command></term> 261 <listitem> 262 <para>is a symlink to <command>ssh</command>.</para> 263 <indexterm zone="openssh slogin"> 264 <primary sortas="g-slogin">slogin</primary> 265 </indexterm> 266 </listitem> 267 </varlistentry> 268 269 <varlistentry id="ssh"> 270 <term><command>ssh</command></term> 271 <listitem> 272 <para>is an <command>rlogin</command>/<command>rsh</command>-like 273 client program except it uses an encrypted protocol.</para> 274 <indexterm zone="openssh ssh"> 275 <primary sortas="b-ssh">ssh</primary> 276 </indexterm> 277 </listitem> 278 </varlistentry> 279 280 <varlistentry id="sshd"> 281 <term><command>sshd</command></term> 282 <listitem> 283 <para>is a daemon that listens for <command>ssh</command> login 284 requests.</para> 285 <indexterm zone="openssh sshd"> 286 <primary sortas="b-sshd">sshd</primary> 287 </indexterm> 288 </listitem> 289 </varlistentry> 290 291 <varlistentry id="ssh-add"> 292 <term><command>ssh-add</command></term> 293 <listitem> 294 <para>is a tool which adds keys to the 295 <command>ssh-agent</command>.</para> 296 <indexterm zone="openssh ssh-add"> 297 <primary sortas="b-ssh-add">ssh-add</primary> 298 </indexterm> 299 </listitem> 300 </varlistentry> 301 302 <varlistentry id="ssh-agent"> 303 <term><command>ssh-agent</command></term> 304 <listitem> 305 <para>is an authentication agent that can store private keys.</para> 306 <indexterm zone="openssh ssh-agent"> 307 <primary sortas="b-ssh-agent">ssh-agent</primary> 308 </indexterm> 309 </listitem> 310 </varlistentry> 311 312 <varlistentry id="ssh-keygen"> 313 <term><command>ssh-keygen</command></term> 314 <listitem> 315 <para>is a key generation tool.</para> 316 <indexterm zone="openssh ssh-keygen"> 317 <primary sortas="b-ssh-keygen">ssh-keygen</primary> 318 </indexterm> 319 </listitem> 320 </varlistentry> 321 322 <varlistentry id="ssh-keyscan"> 323 <term><command>ssh-keyscan</command></term> 324 <listitem> 325 <para>is a utility for gathering public host keys from a 326 number of hosts.</para> 327 <indexterm zone="openssh ssh-keyscan"> 328 <primary sortas="b-ssh-keyscan">ssh-keyscan</primary> 329 </indexterm> 330 </listitem> 331 </varlistentry> 332 333 <varlistentry id="ssh-keysign"> 334 <term><command>ssh-keysign</command></term> 335 <listitem> 336 <para>is used by <command>ssh</command> to access the local host 337 keys and generate the digital signature required during hostbased 338 authentication with SSH protocol version 2.</para> 339 <indexterm zone="openssh ssh-keysign"> 340 <primary sortas="b-ssh-keysign">ssh-keysign</primary> 341 </indexterm> 342 </listitem> 343 </varlistentry> 344 345 </variablelist> 346 347 </sect2> 307 348 308 349 </sect1> 309
Note:
See TracChangeset
for help on using the changeset viewer.